Authored by Ingo Molnar, the change, titled “x86/cpu: Remove M486/M486SX/ELAN support,” begins dismantling Linux’s built-in support for the i486, which was first released back in 1989. As the changelog notes, even Linus is keen to cut ties with the architecture: “In the x86 architecture we have various complicated hardware emulation facilities on x86-32 to support ancient 32-bit CPUs that very very few people are using with modern kernels. This compatibility glue is sometimes even causing problems that people spend time to resolve, which time could be spent on other things. As Linus recently remarked: ‘I really get the feeling that it’s time to leave i486 support behind. There’s zero real reason for anybody to waste one second of development effort on this kind of issue’…”

If you’re one of the rare few who still keep the decades-old CPU alive, your best bet will be to grab an LTS Linux distro that keeps the older version of Linux for a few more years.

“Telegram was banned in Russia, yet 65 million Russians still use it daily via VPNs,” Durov said Saturday in a post on Telegram. “The government has spent years trying to ban VPNs too. Their blocking attempts just triggered a massive banking failure; cash briefly became the only payment method nationwide yesterday.” Attempts on Friday to limit VPN use could have sparked the disruption affecting banking apps, The Bell and other Russian media reported, citing industry sources who weren’t identified.

The outage may have been caused by an overload in the filtering systems run by Russia’s communications watchdog, according to the reports, with experts warning that major restrictions risk undermining network stability… Separately, payments for Apple Inc.‘s app store and other services became unavailable in Russia from April 1, the US company said on its website, without saying why. Earlier, RBC newswire reported that the Digital Development Ministry had asked mobile operators to disable top-ups, which could help limit VPN use....

Durov, who’s being investigated in Russia for allegedly aiding terrorist activity, compared the situation in his home country to Iran, where similar restrictions prompted widespread adoption of VPNs instead of the intended shift to state-backed messaging apps. “Welcome back to the Digital Resistance, my Russian brothers and sisters,” said Durov, who has lived in Dubai and France in recent years. “The entire nation is now mobilized to bypass these absurd restrictions,” he wrote, adding that Telegram would continue adapting to make its traffic harder to detect and block.

[NASA astronaut Christina Koch realized] it looked different from what she was accustomed to on Earth. “The darker parts just aren’t quite in the right place,” she said. “And something about you senses that is not the moon that I’m used to seeing....”

[Astronaut Reid] Wiseman called the flight a “magnificent accomplishment” and said the astronauts’ ability to gaze at both Earth and the moon from their spacecraft has been “truly awe-inspiring.” “The Earth is almost in full eclipse. The moon is almost in full daylight, and the only way you could get that view is to be halfway between the two entities,” he said… And while the early photos of Earth and the moon that [Canadian astronaut Jeremy] Hansen and his colleagues have beamed back have been spectacular, the Canadian astronaut said they pale in comparison to the real deal outside their capsule’s windows. “I know those photos are amazing,” he said, “but let me assure you, it is another level of amazing up here.”

A total solar eclipse also awaits them as the moon blocks the sun, exposing snippets of shimmering corona.... At closest approach, they will come within 4,070 miles (6,550 kilometers) of the moon. Because they launched on April 1, the rendezvous won’t have as much of the far lunar side illuminated as other dates would have. But the crew still will be able make out “definite chunks of the far side that have never been seen” by humans, said NASA geologist Kelsey Young, including a good portion of Orientale Basin.

They’ll call down their observations as they photograph the gray, pockmarked scenes. There’s a suite of professional-quality cameras on board, and each astronaut also has an iPhone for more informal, spur-of-the-minute picture-taking… Orion will be out of contact with Mission Control for nearly an hour when it’s behind the moon. The same thing happened during the Apollo moonshots. NASA is relying on its Deep Space Network to communicate with the crew, but the giant antennas in California, Spain and Australia won’t have a direct line of sight when Orion disappears behind the moon for approximately 40 minutes…

Once Artemis II departs the lunar neighborhood, it will take four days to return home. The capsule will aim for a splashdown in the Pacific near San Diego on April 10, nine days after its Florida launch. During the flight back, the astronauts will link up via radio with the crew of the orbiting International Space Station. This is the first time that a moon crew has colleagues in space at the same time and NASA can’t pass up the opportunity for a cosmic chitchat.

Up to now, 80% of its payouts have been for discoveries of new flaws, and 20% to support remediation efforts. But as artificial intelligence makes it easier to find bugs, that balance needs to change, HackerOne said in a statement. “AI-assisted research is expanding vulnerability discovery across the ecosystem, increasing both coverage and speed. The balance between findings and remediation capacity in open source has substantively shifted,” said HackerOne.

Among the first programs to be affected is the Node.js project, a server-side JavaScript platform for web applications known for its extensive ecosystem. While the project team will continue to accept and triage bug reports through HackerOne, without funding from the Internet Bug Bounty program it will no longer pay out rewards, according to an announcement on its website…

[J]ust last month, Google also put a halt to AI-generated submissions provided to its Open Source Software Vulnerability Reward Program.

Specifically, Claude Code includes a file called “userPromptKeywords.ts” with a simple pattern-matching tool called regex, which sweeps each and every message submitted to Claude for certain text matches. In this particular case, the regex pattern is watching for “wtf,” “wth,” “omfg,” “dumbass,” “horrible,” “awful,” “piece of — -" (insert your favorite four-letter word for that one), “f — you,” “screw this,” “this sucks,” and several other colorful metaphors… While the Claude Code leak revealed the existence of the “frustration words” regex, it doesn’t give any indication of why Claude Code is scouring messages for these words or what it’s doing with them.

First, he parades all the safety doomers, seeming to believe their warnings that an unfeeling superintelligence is upon us and we can’t trust it. Then, sufficiently disturbed, he hauls in the AI cheerleaders, a suspiciously positive gang who can envision only medical miracles and grindless lives in which we’re all full-time artists. Only then, after this simplistic setup where platitudes reign, do we get the section in which the subject is treated like the brave (and grave) new world it is: geopolitically fraught, economically tenuous and a playground for billionaires.

Why couldn’t the complexity have been the dialogue from the beginning, instead of the play-dumb cartoon “The AI Doc” feels like for so long? Maybe Roher believes this is what our increasingly gullible, truth-challenged citizenry needs from an explanatory doc: a flashy, kindhearted reminder that we’re the change we need to be.

One Wednesday in February, he cranked out seven. “I’m a bit of a freak,” Lichtenberg said… A story by Lichtenberg sometimes starts with a prompt entered into Perplexity or Google’s NotebookLM, asking it to write something based on a headline he comes up with. He moves the AI tools’ initial drafts into a content-management system and edits the stories before publishing them for Fortune’s readers… A piece from earlier that morning about Josh D’Amaro being named Disney CEO took 10 minutes to get online, he said…

Like other journalists, Lichtenberg vets his stories. He refers back to the original documents to confirm the information he’s reporting is correct. He reaches out to companies for comment. But he admits his process isn’t as thorough as that of magazine fact-checkers.

Some executives have made full-throated declarations about the threat posed by AI. New York Times publisher A.G. Sulzberger said AI “is almost certainly going to usher in an unprecedented torrent of crap,” referencing deepfakes as an example. The NewsGuild of New York, the union representing Fortune employees and journalists at other media outlets, said the people are what makes journalism so powerful. “You simply can’t replicate lived experiences, human judgment and expertise,” said president Susan DeCarava.

For Chris Quinn, the editor of local publications Cleveland.com and the Plain Dealer, AI tools have helped tame other torrents facing the industry. AI has allowed the outlets to cover counties in Ohio that otherwise might go ignored by scraping information from local websites and sending “tips” to reporters, he said. It has also edited stories and written first drafts so the newsrooms’ journalists can focus on the calls, research and reporting needed for their stories.... Newsrooms from the New York Times to The Wall Street Journal are deploying AI in various ways to help reporters and editors work more efficiently....

Not all newsrooms disclose their use of AI, and in some cases have rolled out new tools that resulted in errors or PR gaffes. An October study from the European Broadcasting Union and the BBC, which relied on professional journalists to evaluate the news integrity of more than 3,000 AI responses, found that almost half of all AI responses had at least one significant issue.

We must stem the idea being pushed by tech companies and their billionaire funders who’ve sunk too much into their products to admit defeat that the infiltration of AI into journalism is inevitable; because from my perch as an independent journalist, it simply is not…

Some AI-loving journalists appear to believe that if they’re clear enough with the AI program they’re using, it will truly understand what they’re seeking and not just do what it’s made to do: steal shit… If you want to work with machines, get a job that requires it. There are a whole lot more of those than there are writing jobs, so free up space for people who actually want to do the work. You’re not doing the world a favor by gifting it your human/AI hybrid. Journalism will not miss you if you leave…

For me, the experience was an entirely painless one, taking less than 30 seconds. All I had to do was tap a confirm and continue button, and Apple told me that the length of time I’d had an Apple account was used to confirm that I’m 18+. Others, however, experienced difficulties with the process timing out or failing to complete. We summarized some of the steps you can take to try to address this. Apple has since listed additional acceptable ways to verify your age. “You can confirm your age with a credit card, or by scanning a driver’s license or one of the following PASS-accredited Proof of Age cards: CitizenCard, My ID Card, TOTUM ID card, or Young Scot National Entitlement Card.”

If you don’t verify your age, then you’ll be treated as a child or teenager, meaning that both the web content filter and communication safety features are switched on.

[T]he browser can intelligently postpone the loading of certain elements. Why load all images at the start when it can instead load images as you get close to them while scrolling? Chrome and Chromium-based browsers have had built-in lazy loading support for images and iframes since 2019, but this feature would make browsers capable of lazy loading video and audio elements, too. Note, however, that this won’t benefit YouTube video embeds — those are already lazy loadable since they’re embedded using iframes. Actual video and audio elements are rarer but not uncommon. In addition to Chrome, lazy loading of video and audio elements is also expected to be added to other Chromium-based browsers, including Microsoft Edge and Vivaldi.

[S]cientists have taken the genes these organisms use to make five natural psychedelics and introduced them into a tobacco plant ( Nicotiana benthamiana), which then produced all five compounds simultaneously. As interest grows in psychedelics as potential treatments for illnesses such as depression, anxiety, and PTSD, the newly developed system could offer scientists a new way to produce these compounds for research purposes…

[P]rogress in this field remains limited, in part due to regulatory restrictions, underscoring the need for more research. This creates practical challenges for scientists. “Traditionally, the supply of psychedelics relies on natural producers, mainly plants, fungi, and the Sonoran Desert toad,” the researchers write. “Harvesting these organisms for their psychoactive compounds raises ecological and ethical concerns, being increasingly threatened by habitat loss and overexploitation…”

[T]he team carefully monitored the plant’s production of five psychedelic tryptamines: DMT originally from plants; psilocin and psilocybin from mushrooms; and bufotenin and 5-MeO-DMT from toads. The modified tobacco plants were found to produce all five compounds simultaneously.

Ubuntu 14.04 LTS (Trusty Tahr) set the floor at 1GB — a modest ask when it launched more than a decade ago in 2014. Then came the Ubuntu 18.04 LTS (Bionic Beaver) that pushed the number to 4GB, surviving quite well in the era of 16GB being considered standard for mid-range laptops.... Ubuntu’s new minimum requirement lands in an interesting spot when compared against Windows 11. Microsoft’s operating system requires just 4GB RAM, although real-world usage often tells a different story. Usually, 8GB is considered the sweet spot to handle modern apps and multitasking.

it’s more of an honesty bump. Components that make up the distro — the GNOME desktop and extensions, modern web browsers (and the sites we load in them) and the kinds of apps we use (and keep running) whilst multitasking are more demanding… The Resolute Raccoon’s memory requirements better reflect real-world multitasking.

Ubuntu 26.04 LTS can be installed on devices with less than 6GB RAM (but not less than 25GB of disk space). The experience may not be as smooth or as responsive as developers intend (so you don’t get to complain), but it will work. I installed Ubuntu 26.04 Beta on a laptop with just 2 GB of memory — slow to the point of frustration in use, but otherwise functional.

If you have a device with 4 GB RAM and you can’t upgrade (soldered memory is a thing, and e-waste can be avoided), then alternatives exist. Many Ubuntu flavours, like Lubuntu, have lower system requirements than the main edition. Plus, there’s always the manual option using the Ubuntu netboot installer to install a base system and then built out a more minimal system from there.

“I want you to make a list of every app any customer would ever want to use,” he told Forstall. “And then the two of us will prioritize that list. And then I’m going to write you a blank check, and you are going to build the largest development team in the history of the world, to build as many apps as you can as quickly as possible.” Forstall, dubious, began composing a list. But on the side, he instructed his engineers to build the security foundations of an app store into the iPhone’s software-“against Steve’s knowledge and wishes,” Forstall says. […]

Two weeks after the iPhone’s release, someone figured out how to “jailbreak” the iPhone: to hack it so that they could install custom apps. Jobs burst into Forstall’s office. “You have to shut this down!” But Forstall didn’t see the harm of developers spending their efforts making the iPhone better. “If they add something malicious, we’ll ship an update tomorrow to protect against that. But if all they’re doing is adding apps that are useful, there’s no reason to break that.” Jobs, troubled, reluctantly agreed.

Week by week, more cool apps arrived, available only to jailbroken phones. One day in October, Jobs read an article about some of the coolest ones. “You know what?” he said. “We should build an app store.”

Forstall, delighted, revealed his secret plan. He had followed in the footsteps of Burrell Smith (the Mac’s memory-expansion circuit) and Bob Belleville (the Sony floppy-drive deal): He’d disobeyed Jobs and wound up saving the project.

The malicious versions were removed within roughly three hours of being published, but Google warned the incident could have “far-reaching impacts” given the package’s widespread use, according to John Hultquist, chief analyst at Google Threat Intelligence Group. Wiz estimates Axios is downloaded roughly 100 million times per week and is present in about 80% of cloud and code environments. So far, Wiz has observed the malicious versions in roughly 3% of the environments it has scanned.

[Saayman] fell for a scheme from a North Korean hacking group, dubbed UNC1069, which involves sending out phishing messages and then hosting virtual meetings that use AI deepfakes to clone the face and voices of real executives. The virtual meetings will then create the impression of an audio problem, which can only be “solved” if the victim installs some software or runs a troubleshooting command. In reality, it’s an effort to execute malware. The North Koreans have been using the tactic repeatedly, whether it be to phish cryptocurrency firms or to secure jobs from IT companies.

Saayman said he faced a similar playbook. “They reached out masquerading as the founder of a company, they had cloned the company’s founders likeness as well as the company itself,” he wrote. “They then invited me to a real Slack workspace. This workspace was branded… The Slack was thought out very well, they had channels where they were sharing LinkedIn posts. The LinkedIn posts I presume just went to the real company’s account, but it was super convincing etc.” The hackers then invited him to a virtual meeting on Microsoft Teams. “The meeting had what seemed to be a group of people that were involved. The meeting said something on my system was out of date. I installed the missing item as I presumed it was something to do with Teams, and this was the remote access Trojan,” he added. “Everything was extremely well coordinated, looked legit and was done in a professional manner.”

The accounts now span some of the most widely depended-upon packages in the npm registry and Node.js core itself, and together they confirm that axios was not a one-off target. It was part of a coordinated, scalable attack pattern aimed at high-trust, high-impact open source maintainers. Attackers also targeted several Socket engineers, including CEO Feross Aboukhadijeh. Feross is the creator of WebTorrent, StandardJS, buffer, and dozens of widely used npm packages with billions of downloads… Commenting on the axios post-mortem thread, he noted that this type of targeting [against individual maintainers] is no longer unusual… “We’re seeing them across the ecosystem and they’re only accelerating.”

Jordan Harband, John-David Dalton, and other Socket engineers also confirmed they were targeted. Harband, a TC39 member, maintains hundreds of ECMAScript polyfills and shims that are foundational to the JavaScript ecosystem. Dalton is the creator of Lodash, which sees more than 137 million weekly downloads on npm. Between them, the packages they maintain are downloaded billions of times each month. Wes Todd, an Express TC member and member of the Node Package Maintenance Working Group, also confirmed he was targeted. Matteo Collina, co-founder and CTO of Platformatic, Node.js Technical Steering Committee Chair, and lead maintainer of Fastify, Pino, and Undici, disclosed on April 2 that he was also targeted. His packages also see billion downloads per year… Scott Motte, creator of dotenv, the package used by virtually every Node.js project that handles environment variables, with more than 114 million weekly downloads, also confirmed he was targeted using the same Openfort persona.

The dropper contacts a live command-and-control server, delivers separate second-stage payloads for macOS, Windows, and Linux, then erases itself and replaces its own package.json with a clean decoy… Three payloads were pre-built for three operating systems. Both release branches were poisoned within 39 minutes of each other. Every artifact was designed to self-destruct. Within two seconds of npm install, the malware was already calling home to the attacker’s server before npm had even finished resolving dependencies… Both versions were published using the compromised npm credentials of a lead axios maintainer, bypassing the project’s normal GitHub Actions CI/CD pipeline.

“The machine learning-based intelligent rollout has expanded to all devices running Home and Pro editions of Windows 11, version 24H2 that are not managed by IT departments,” Microsoft said in a Monday update to the Windows release health dashboard… “No action is required, and you can choose when to restart your device or postpone the update.”

The good news is that the update from version 24H2 to 25H2 is a minor enablement package, as the two operating systems share the same codebase. As such, the update won’t take long, and you should not encounter any disruptions, compatibility issues, or previously unseen bugs… Microsoft recently promised to implement big changes in how Windows Update works, including the ability to postpone updates for as long as you want. However, Microsoft has yet to clarify if that includes staying on a release beyond its support period.